MacOS Ventura, iOS 16, and iPadOS 16 introduce a groundbreaking feature known as Apple Passkeys – a cutting-edge alternative to passwords. Aimed at delivering a password-less sign-in experience that is both secure and convenient, this article explores the concept of passkeys, their functionality, and the potential they hold as the future of authentication for websites and applications.
What exactly are Apple Passkeys?
Present on macOS Ventura, iOS 16, and iPadOS 16, as well as the new macOS Sonoma, iOS 17, and iPadOS 17, Apple Passkeys offer a password replacement for logging into websites and services using your Apple devices. Unlike traditional passwords that involve various characters, passkeys employ cryptographic techniques and leverage biometrics like Touch ID or Face ID to ensure a highly secure online account.
The uniqueness of passkeys lies in their ability to be backed up, synced, and end-to-end encrypted. By saving a passkey for a site or service, you can use it across other devices associated with your Apple ID, synced via iCloud Keychain.
Furthermore, due to cross-platform compatibility among Apple, Google, and Microsoft, passkeys can be used across different devices seamlessly.
This informative video from the FIDO Alliance demonstrates the practical workings of passkeys:
Embracing Passkeys offers several compelling advantages:
- No Password Creation: Bid farewell to the need for complex passwords and the troubles of memorization, as passkeys eliminate this tedious process.
- Effortless Log-in: Passkeys simplify the sign-in process by relying on biometrics, ensuring quick and direct access without the hassle of password resets.
- Enhanced Security: With end-to-end encryption and confinement to specific apps or websites, passkeys become impervious to cyberattacks and guessing attempts, providing heightened security.
Passkeys also provide business owners with several advantages:
- They enhance the security of work-related accounts.
- They minimize the need for IT support to reset passwords, thus conserving both time and financial resources.
- They make the ecommerce checkout process more efficient and user-friendly.
How to use passkeys?
Passkeys function much like the way you sign in with iCloud Keychain. Instead of setting up a username and password, your Mac will suggest saving a passkey for the website or app you’re using. This passkey will be stored securely in your iCloud account. So, the next time you access the app or visit the website on a device linked to your iCloud account, you can effortlessly sign in using Touch ID or Face ID for added convenience.
What Macs support passkeys?
Apple has not disclosed the specific Mac models that will be compatible with passkeys. Nonetheless, it’s essential to note that you’ll require a Mac equipped with Touch ID for biometric authentication to use Apple passkeys. This encompasses recent models such as the MacBook Pro, MacBook Air, or a desktop Mac equipped with an Apple keyboard featuring Touch ID support.
Additionally, since Passkeys are introduced with macOS Ventura, earlier versions of macOS Monterey and below will not support this functionality.
How to turn on iCloud Keychain in macOS Ventura/Sonoma?
To enable Passkeys functionality, ensure that iCloud Passwords & Keychain is activated, and the app or website in use supports WebAuthn. To enable iCloud & Keychain on macOS:
- Navigate to Apple menu > System Preferences > Apple ID (or System Settings and then click your name).
- Select iCloud.
- Turn on Passwords & Keychain.
* For iOS/iPadOS, go to your device Settings > Apple ID > iCloud > Passwords & Accounts > iCloud Keychain.
Remember, disabling iCloud Keychain will store password, passkey, and credit card information locally on the device. If you sign out of iCloud with Keychain activated, you will be asked whether to keep or delete this data.
How to setting up Apple Passkeys?
When you encounter an app or website supporting the FIDO Standard and wish to create an account, follow these steps:
- Tap the registration button.
- Enter your login information, such as a username, email address, or Apple ID.
- Authenticate using Touch or Face ID to create your passkeys.
- A notification will prompt you to use the saved passkey for future sign-ins to the website or app.
- Click Continue.
Subsequently, your Mac, iPhone, and iPad will mandate biometric authentication (Face ID or Touch ID) for access whenever you visit the website or use the app.
It is crucial to note that Apple emphasizes Passkeys are stored exclusively on your local device and not on any server, adding an extra layer of security.
Which websites currently offer passkey support?
In addition to configuring passkeys on your smartphone or computer, you’ll want to identify websites and services that are compatible with passkeys to put them to use. Thankfully, several prominent brands, including eBay, PayPal, Best Buy, Nvidia, and more, already offer passkey support.
For those seeking additional websites and services that embrace passkeys, it’s worth noting that one of the leading password manager solutions, 1Password, has recently introduced passkey support for iPhones.
Anticipate other brands announcing their adoption of passkeys as this password alternative gains wider acceptance.
Can passkeys be used with a password manager?
If you have a preferred password manager like 1Password or Dashlane, you might be curious about how passkeys integrate with them. While an iPhone/iPad password manager isn’t mandatory for utilizing passkeys, many of these managers do support the storage of passkeys in a similar manner to how they handle their own generated passwords. Well-known managers like 1Password already offer compatibility with passkeys, and others are in the process of implementing it.
What are the pros and cons of passkeys?
Passkeys bring forth numerous advantages akin to strong passwords managed through biometrics, ensuring a seamless user experience. Users readily adopt this technology once they grasp its value, freeing themselves from the burden of password requirements and the need to memorize multiple passwords. With syncability and support from major operating system makers under the FIDO standard, passkeys promise a harmonious cross-platform future, shielding against phishing attempts by preventing fake websites from accepting passkeys.
However, some limitations persist. Websites still allow logins using passkeys or traditional username/password combinations, leaving the latter susceptible to hacking and phishing. Moreover, getting locked out of iCloud or similar accounts could deny access to passkeys, necessitating universal portability. Additionally, businesses grapple with passkeys’ personal nature, posing challenges in managing employee access without IT control. Yet, passkeys hold promise as an exceptional improvement to existing authentication methods, potentially freeing users from the shackles of password management as they gradually pave the way for the future.
Are passkeys good or bad for privacy?
Passkeys can have a positive impact on privacy by enhancing security and reducing the exposure of traditional passwords. They offer the convenience of biometric authentication methods like Touch ID or Face ID while minimizing the risk of password breaches. However, privacy concerns may arise when passkeys are stored in the cloud, potentially granting service providers access to sensitive biometric data. The overall impact on privacy depends on how passkeys are implemented and whether you have control over your data.
Tip: Enhancing Your Mac’s Privacy. Securing your passwords is crucial, but don’t forget about other privacy aspects on your Mac, like search history, visited sites, and public Wi-Fi connections. Simplify data cleanup with 3rd-party security apps like CleanMyMac X. It swiftly clears browser data, Recent Items, and Wi-Fi networks, bolstering your Mac’s privacy and security.
The future is passkeys
Beneath the simplicity of passkeys lies a sophisticated system that combines ease of use with the utmost security. Each login is uniquely stored and verified by both your device and the website, ensuring that only authorized individuals can access the site with your device.